IRC channel logs
2023-12-15.log
back to list of logs
<pabs3>stikonas: deb.debian.org supports TLS now btw <pabs3>ftp.*.d.o do not and won't, but the individual mirrors behind them might <matrix_bridge><cosinusoidally> distributing packages/source code over http is fine. All that really matters is a gpg signature (like the Release.gpg on debian repos). <matrix_bridge><cosinusoidally> though if you can sniff http traffic to a debian mirror you can probably figure out what vulns a user is currently vunlerable to. <matrix_bridge><cosinusoidally> (until they retrieve the update from the repo) <matrix_bridge><Andrius Štikonas> sometimes you might be able to figure it out with https too <fossy>ok, merging simplify & co tonight... <fossy>may be a few teething issues that i haven't identified.. but should be mostly?? good <oriansj>cosinusoidally: well offline file transfer can limit that to a degree; USB protocols and the like however present some problems